Whereas a lot of the dialogue on AI safety facilities round defending ‘shadow’ AI and GenAI consumption, there is a wide-open window no one’s guarding: AI browser extensions.
A new report from LayerX exposes simply how deep this blind spot goes, and why AI extensions stands out as the most harmful AI risk floor in your community that is not on anybody’s radar.
AI browser extensions do not set off your DLP and do not present up in your SaaS logs. They reside contained in the browser itself, with direct entry to every thing your workers see, sort, and keep logged into. AI extensions are 60% extra prone to have a vulnerability than extensions on common, are 3 occasions extra prone to have entry to cookies, 2.5 occasions extra prone to be in a position to execute distant scripts within the browser, and 6 occasions extra prone to have elevated their permissions prior to now yr. These extensions set up in seconds and might stay in your surroundings indefinitely.
The Browser Extension Risk Floor Is Everyone, But No one Is Watching
The first false impression is that extensions are a distinct segment threat. One thing restricted to a subset of customers or edge instances. That assumption is totally unsuitable.
In accordance with the report, 99% of enterprise customers run not less than one browser extension, and greater than 1 / 4 have over 10 put in. This just isn’t a protracted tail drawback; it’s common.
But most organizations can not reply primary questions. Which extensions are in use? Who put in them? What permissions have they got? What knowledge can they entry?
Safety groups have spent years constructing visibility into networks, endpoints, and identities. Sarcastically, browser extensions stay a serious blind spot.
AI Extensions Are The AI Consumption Channel That No one Talks About
Whereas a lot of the present dialog round AI safety focuses on SaaS platforms and APIs, this report highlights a completely different and largely ignored channel: AI browser extensions.
These instruments are spreading rapidly. About 1-in-6 enterprise customers already use not less than one AI extension, and that quantity is just rising.
Organizations could block or monitor direct entry to AI purposes. However extensions function in another way. They sit contained in the browser. They can entry web page content material, consumer inputs, and session knowledge with out triggering conventional controls.
In impact, they create an ungoverned layer of AI utilization, one which bypasses visibility and coverage enforcement.
AI Extensions Are Not Simply In style. They Are Riskier
It might be simple to imagine that AI extensions carry the same threat to different extensions. The info exhibits in any other case.
AI extensions are considerably extra harmful. They’re 60% extra prone to have a CVE than common, 3x extra prone to have entry to cookies, 2.5x extra prone to have scripting permissions, and 2x extra prone to be in a position to manipulate browser tabs.
Every of those permissions carries actual implications. Cookie entry can expose session tokens. Scripting allows knowledge extraction and manipulation. Tab management can facilitate phishing or silent redirection.
This mix of quick adoption, elevated entry, and weak governance makes AI extensions an pressing rising risk vector.
Extensions Are Not Static. They Change Over Time
Safety groups typically deal with extensions as static. One thing that may be permitted as soon as and forgotten. However that’s not the way it works.
Extensions evolve. They obtain updates. They change possession. They broaden permissions.
The report exhibits that AI extensions are almost six occasions extra prone to change their permissions over time, and that greater than 60% of customers have not less than one AI extension that has modified its permissions prior to now yr.
This creates a transferring goal that conventional allowlists can not sustain with. An extension that was protected yesterday will not be protected in the present day.
The Belief Hole in Browser Extensions Is Wider Than Anticipated
Safety groups depend on a spread of belief indicators to judge extensions, together with writer transparency, set up counts, replace frequency, and the presence of a privateness coverage. Whereas these don’t straight point out malicious habits, they’re key to assessing total threat.
A good portion of extensions have very low consumer bases. Extra than 10% of all extensions have fewer than 1,000 customers, 1 / 4 have fewer than 5,000 customers, and a 3rd have fewer than 10,000 installations. That is notably a problem with AI extensions, the place 33% of AI extensions have fewer than 5,000 customers, and almost 50% of AI extensions have lower than 10,000 customers.A big consumer base is crucial for establishing ongoing belief, however as soon as once more, AI extensions are displaying considerably greater threat.
Furthermore, round 40% of extensions haven’t acquired an replace in over a yr, suggesting that they’re now not actively maintained. Extensions that aren’t recurrently up to date could comprise unresolved vulnerabilities or outdated code that attackers exploit.
Consequently, most extensions utilized in enterprise environments present weak or lacking indicators throughout these areas. This raises critical questions on knowledge dealing with and compliance. It additionally highlights how little scrutiny extensions obtain in comparison with different software program elements.
Turning Perception into Motion: The Path Ahead for CISOs
The report outlines a transparent path for safety groups:
- Repeatedly Audit The Group’s Extension Risk Floor: With 99% of enterprise customers operating not less than one extension, a full stock is a compulsory first step towards threat discount. CISOs ought to do an organization-wide extension audit overlaying all browsers, managed and unmanaged endpoints, throughout all customers.
- Apply Focused Safety Controls to AI Extensions: AI extensions signify an outsized threat as a consequence of their elevated permissions that may expose SaaS classes, identities, and delicate in-browser knowledge. Organizations ought to apply stricter governance insurance policies to regulate how these extensions work together with enterprise environments.
- Analyze Extension Habits, Not Simply Static Parameters: Static approvals are usually not enough. Threat must be constantly assessed primarily based on permissions, habits, and adjustments over time.
- Implement Belief and Transparency Necessities: Extensions which have very low set up counts, lack privateness insurance policies, or present poor upkeep historical past needs to be handled as greater threat. Establishing minimal belief standards helps scale back publicity to unverified or deserted extensions.
A New Lens On An Outdated Downside
For years, browser extensions have been handled as a comfort characteristic. One thing to allow productiveness and customization. Nonetheless, they’re now not a peripheral threat. They are a core a part of the enterprise assault floor. Broadly used, extremely privileged, and largely unmonitored, they create direct publicity to delicate knowledge and consumer classes.
Obtain the complete Extension Safety report from LayerX to know the complete scope of those findings, establish the place your publicity really lies, and get a transparent path to controlling this rising assault floor with out disrupting productiveness.
